1. Technical Field
The invention is related to a system and process for automatically remotely controlling the security state of an Internet web page having at least two frames wherein the web page is displayed via an Internet browser or other application for displaying Internet web pages.
2. Related Art
By way of background, existing schemes using frame-based display of third-party web pages typically use hyperlinks within a frame to point to a third-party web page. User selection of such a hyperlink typically causes a frame within the window of an Internet browser to be replaced with the third party web page. However, if the hyperlink points to a third party web page requiring SSL, such as by using an HTTPS address, the frame replaced with the third party web page will be secure, while the remaining frames within the window will remain in invention uses the same script and HTML for all implementations of the Web Component, regardless of which, or how many, unique local clients make use of the Web Component to automatically remotely control the security state of a web page and any associated frames. This code reuse is accomplished by using entry web pages, or “entry points,” as described in further detail below, to set the value of function properties or parameters of the Web Component for dynamically and automatically remotely controlling the security state of a web page and any associated frames. The script and/or HTML of the Web Component pages does not change based on each new implementation or instantiation. Consequently, little setup work is required for each implementation, and only a basic verification test pass is completed for the implementation.
Additionally, in a further embodiment, these Web Components are also useful for automatically generating uniquely customized web pages. In this context, at least one dynamically customizable Web Component is provided on a remote server to define what information (i.e. the information content) will be in a web page displayed by the Internet browser on a local client or transmitted to the Internet browser by the local client. In this context, a “local client” refers to a local client, a web server, a web site, a web page, an end-user computer, a specific server hosting web pages, any server or web page request originating from specific domains or IP addresses, any other computer system or application capable of accessing the remote server, or any combination of the aforementioned computers, servers, applications or processes. Examples of types of information that may be displayed include, for example, text, images (motion or still), audio data, applets, scripts, forms, hyperlinks, or any other data, information, or content that can be provided via the Internet from a remote server to a local client.
Further, in one embodiment, the Web Component defines how the displayed information will appear to a user, i.e. the color, style, layout, border, background, font size, type, style and characteristics, or any other desired parameters for defining the appearance of the information displayed by the Internet browser on the local client.
In another embodiment, alternate images for each individual instantiation of the Web Component are preferably stored in at least one computer readable storage medium including a database, script, or other electronic file addressable by the Web Component, using a file path stored as a parameter of the instance of the Web Component for dynamically and automatically generating the web page. Similarly, in another embodiment, text files that contain Web Component-specific textual data are preferably copied and/or altered, again using one or more file paths stored as a parameters of the instance of the Web Component for dynamically and automatically generating the web page. Use of alternate images and/or text files, as described for the preceding embodiments, provides for simple customization of the Web Component by providing the ability to pre-define items such as images and/or text for use in specific instantiations of the Web Component.
Finally, in another embodiment, the system and process of the present invention employs each of the aforementioned embodiments, or any combination thereof in automatically defining the information displayed in at least one web page, the appearance of that information, and the security state of the displayed window and associated frames for the web page.
In general, the Web Component represents at least one dynamically configurable web page, and is comprised of at least one encapsulated web-based feature or function for defining one or more of security state, information content, and information appearance as described above. Consequently, one or more unique Web Components can be combined to form a complete web site, or portions thereof. The Web Component is customizable in that it is automatically and dynamically configured by setting one or more function properties associated with each function in response to a communication to the remote server from a whatever state they were in at the time that the hyperlink was selected or activated by the user. Consequently, a mixture of secure and non-secure frames will exist within the same browser or application window, thereby typically causing the end user to be warned of the mix of secure and insecure content and preventing the browser from enabling the security icons which indicate a completely encrypted connection.
Further, in some cases, a hyperlink in a frame may point to a non-HTTPS address that is subsequently redirected by the non-HTTPS address to an HTTPS address. In such cases, there will again be a mixture of secure and non-secure frames existing within the same window. Consequently, in such cases, a typical end user would feel unsafe in sending confidential information, such as, for example, credit numbers, or social security numbers, over the Internet via the mixed-security window.
Therefore, what is needed is a system and method for automatically remotely controlling the security state of a web page and any frames associated with that web page.